PR/60011: TLS alignment wrong on powerpc
Fix previous where I only got the alignment right for the architectures
where the thread pointer points to the struct tcb. Handle the
architectures that have a thread pointer that is relative to end of the
struct tcb, e.g. powerpc.
Hopefully the commit in the tls.c explains what's going on.
Thanks to riastrah@ and andvar@ for comments/things to fix.
py-textual: update to 8.1.1.
8.1.1
Fixed
Hotfix for animation on complete #6412
8.1.0
This release should smooth scrolling large documents, particularly for Python < 3.14
py-ruff: update to 0.15.6.
Preview features
Add support for lazy import parsing (#23755)
Add support for star-unpacking of comprehensions (PEP 798) (#23788)
Reject semantic syntax errors for lazy imports (#23757)
Drop a few rules from the preview default set (#23879)
[airflow] Flag Variable.get() calls outside of task execution context (AIR003) (#23584)
[airflow] Flag runtime-varying values in DAG/task constructor arguments (AIR304) (#23631)
[flake8-bugbear] Implement delattr-with-constant (B043) (#23737)
[flake8-tidy-imports] Add TID254 to enforce lazy imports (#23777)
[flake8-tidy-imports] Allow users to ban lazy imports with TID254 (#23847)
[isort] Retain lazy keyword when sorting imports (#23762)
[pyupgrade] Add from __future__ import annotations automatically (UP006) (#23260)
[refurb] Support newline parameter in FURB101 for Python 3.13+ (#23754)
[ruff] Add os-path-commonprefix (RUF071) (#23814)
[ruff] Add unsafe fix for os-path-commonprefix (RUF071) (#23852)
[ruff] Limit RUF036 to typing contexts; make it unsafe for non-typing-only (#23765)
[25 lines not shown]
libtorrent-rasterbar: update to 2.0.12.
2.0.12 released
* fix issue where file priorities could be cleared by force recheck
* fix issue in XML parser
* when building against OpenSSL, require at least version 1.1.1
* add setting to set no-copy-on-write flag on new files
* add performance counters to file pool
* add high_priority flag to torrent_handle::force_reannounce()
* update default DSCP value and update docs
* fix python binding for set_notify_function()
* fix error handling in mmap disk I/O when hashing files
* improve copy_file_range() fallback
* don't overwrite existing files when renaming
* add option to send host header in HTTP proxy CONNECT command
* cache DNS failures for a shorter time
* file_renamed_alert is always posted, regardless of alert mask
* add feature to request resume data synchronously
[6 lines not shown]
py-puremagic: update to 2.1.0.
Version 2.1.0
-------------
- Adding #6 `from_extension()` and `magic_extension()` to look up MIME types by file extension
- Adding #119 CFBF/OLE2 scanner to distinguish Word, Excel, PowerPoint, Outlook MSG, Visio, and Publisher files (thanks to Simeon Stoykov and Andy - NebularNerd)
- Adding #139 codespell check (thanks to Christian Clauss)
- Adding `-e`/`--extension` CLI flag for extension-based MIME type lookup
- Fixing #104 WAV MIME type changed from `audio/wave` to `audio/wav` (thanks to Simon Willison and Andy - NebularNerd)
py-fonttools: update to 4.62.1.
4.62.1 (released 2026-03-13)
----------------------------
- [feaLib] Extend contextual rule merging to all rule types: single subst, GSUB/GPOS
named lookups, ignore rules, and chained alternate subst (#4061).
4.62.0 (released 2026-03-09)
----------------------------
- [diff] Add new ``fonttools diff`` command for comparing font files, imported from the
``fdiff`` project and heavily reworked (#1190, #4007, #4009, #4011, #4013, #4019).
- [feaLib] Fix ``VariableScalar`` interpolation bug with non-linear avar mappings. Also
decouple ``VariableScalar`` from compiled fonts, allowing it to work with designspace data
before compilation (#3938, #4054).
- [feaLib] Fix ``VariableScalar`` axis ordering and iterative delta rounding to match fontc
behavior (#4053).
- [feaLib] Merge chained multi subst rules with same context into a single subtable instead of
[37 lines not shown]
miniflux: update to 2.2.18.
Security
Block outbound requests to private networks made by the fetcher by default.
Add SSRF protection for integration HTTP clients by blocking connections to private network addresses at connect time.
Fix a possible SSRF TOCTOU / DNS-rebinding issue in the fetcher private network check.
Ensure private network protections also apply to redirect targets.
Treat RFC 6598 shared address space (100.64.0.0/10) as non-public.
Breaking Changes
To prevent potential SSRF, Miniflux now blocks access to services hosted on private networks by default.
FETCHER_ALLOW_PRIVATE_NETWORKS=1 must now be enabled to access feeds hosted on a local network.
INTEGRATION_ALLOW_PRIVATE_NETWORKS=1 must now be enabled to access third-party integration services hosted on a local network.
Improvements
[14 lines not shown]
jjui: update to 0.10.1.
Wow, a major release after a very long time. As promised, v0.10 is
ready, and it comes with breaking changes.
First, thank you to everybody who contributed code, bug reports,
ideas, and testing for this release. In particular, thanks to
@baggiiiie for various features and fixes, @nickchomey for
contributions and continuous feedback, and @vic for updating the
documentation website. Thanks as well to everyone else for various
code contributions, reporting issues, and verifying fixes.
We changed a lot in v0.10, but the biggest shift is that we finally
got rid of some legacy configuration and moved to a unified actions
+ bindings model. Old concepts like [custom_commands] and [leader]
are now replaced by a more consistent system built around actions,
bindings, and first-class support for leader-style key sequences.
This release also introduces config.lua, which makes it much easier
[11 lines not shown]
keepassxc: update to 2.7.12.
### Changes
- Passkeys: Set BE and BS flags to true (NOTE: MAY BREAK EXISTING PASSKEYS) [#13042]
- Support TIMEOTP autotype and entry placeholder [#13117]
- Browser: Show URLs in browser access dialog [#12906]
- Bitwarden Import: Add support for nested folders [#13081]
### Fixes
- Prevent exploits through OpenSSL configurations [#13118, #13124]
- Auto-Type: Revert change that caused race condition on Linux [#12738]
- Auto-Type: Fix help button enablement [#12937]
- Browser: Fix showing correct checkbox value in entry Browser Integration settings [#12980]
- Browser: Fix setting browser related values to customData [#13026]
- Passkeys: Add publicKey to register response [#12757]
- Fix main entry URL validation when using placeholders [#12964]
- Fix minor font and theme issues [#12814]
- Fix 'Remove' button in Plugin Data being enabled when no row is selected [#12916]
- Sanitize attachment file names before saving [#13114]
lerc: update to 4.1.0.
## [4.1.0](https://github.com/Esri/lerc/releases/tag/v4.1.0) - 2026-03-09
### Fixed
* Renamed Lerc python package to pylerc.
* Cleaned up the treatment of line endings (CRLF vs LF) across platforms.
* Cleaned up the code to avoid pointer casts from unaligned byte pointers to integer or float pointers. Such pointer casts may cause problems on some platforms (e.g., embedded).
